Commit c702d19b authored by Juha's avatar Juha

Merge branch 'post-logout' into 'master'

Changed the logout from get to post

See merge request !6
parents 337aede7 e2e74df9
Pipeline #24085559 passed with stage
......@@ -2,10 +2,10 @@ const jwt = require('restify-jwt-community');
const nconf = require('nconf');
const restifyAsyncWrap = require('@gilbertco/restify-async-wrap');
const tokenFromCookie = require('../../../lib/token/tokenFromCookie');
const getLogout = require('./get');
const postLogout = require('./post');
module.exports = (server) => {
server.get(
server.post(
'/protected/logout',
jwt({
algorithms: ['HS256'],
......@@ -15,5 +15,5 @@ module.exports = (server) => {
credentialsRequired: false,
getToken: tokenFromCookie,
}),
restifyAsyncWrap(getLogout));
restifyAsyncWrap(postLogout));
};
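Review bot: The `jwt({ ... credentialsRequired: false, getToken: tokenFromCookie })` middleware in front of `postLogout` lets a request with no cookie token reach the handler, but nothing visible here shows what happens when the cookie holds an expired or malformed token. If restify-jwt-community rejects such a token before the handler runs (express-jwt behaves that way; this should be confirmed for this package), logout fails for exactly those sessions and the stale cookie is never cleared. Either clear the cookie in the error path for this route or add a test with an expired token that pins the intended result. A comment above `server.post(` would also record why the method changed: `// POST, not GET: logout changes state and must not be triggerable by a cross-site link or image load`. The middleware options between the two hunks are not shown, so this is based on the visible lines only.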
......@@ -6,24 +6,24 @@ const nconf = require('nconf');
// Created in https://jwt.io/
const validToken = 'eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJodHRwczovL2F1dGguZXhhbXBsZS5jb20iLCJpc3MiOiJodHRwczovL2F1dGguZXhhbXBsZS5jb20iLCJzdWIiOjEsImlhdCI6MTUyODAzNDk4NCwiZXhwIjoxODMxNTk5MDIyfQ.bgZHE0TZPunkx00XwqbGjWfVrnyu3xxS2_U7cZd4pNc';
describe('Get /logout API tests', () => {
describe('Post /logout API tests', () => {
afterAll(() => {
app.close();
db.sequelize.close();
});
test('Should return ok and clear cookie & token for #get /logout with valid refresh token', async () => {
test('Should return ok and clear cookie & token for #post /logout with valid refresh token', async () => {
const response = await request.agent(app)
.get('/protected/logout')
.post('/protected/logout')
.set('Cookie', `${nconf.get('cookie:name')}=${validToken}`);
expect(response.statusCode).toBe(200);
expect(response.body.accessToken).toBe('');
expect(response.header['set-cookie'][0]).toBe(`${nconf.get('cookie:name')}=; Max-Age=0; Path=/protected; HttpOnly; Secure; SameSite=Strict`);
});
test('Should return ok and clear cookie & token for #get /logout without refresh token', async () => {
test('Should return ok and clear cookie & token for #post /logout without refresh token', async () => {
const response = await request.agent(app)
.get('/protected/logout');
.post('/protected/logout');
expect(response.statusCode).toBe(200);
expect(response.body.accessToken).toBe('');
});
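Review bot: None of the visible tests check that `GET /protected/logout` is now refused, which is the behaviour this change exists to guarantee. A regression test along the lines of `const response = await request.agent(app).get('/protected/logout'); expect(response.statusCode).not.toBe(200);` would pin it, ideally asserting the exact status restify returns for a method that is not registered on the path. The 'without refresh token' test is named 'clear cookie & token' but asserts only the status code and `accessToken`; if the handler clears the cookie in that case too, it should carry the same `set-cookie` expectation as the first test. The describe block continues past the visible lines, so some of this may already be covered further down.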
......
const refreshToken = require('../../../lib/token/refreshToken');
const cookie = require('cookie');
const getLogout = async (req, res, next) => {
const postLogout = async (req, res, next) => {
res.setHeader(
'Set-Cookie',
cookie.serialize(
......@@ -14,4 +14,4 @@ const getLogout = async (req, res, next) => {
return next();
};
module.exports = getLogout;
module.exports = postLogout;